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DETAILED ACTION 



1. 



This Office action is in response the RCE filed on July 14, 2006. 



2. 



Claims 1-35 are pending. 



Continued Examination Under 37 CFR 1.114 



3. A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 7/14/06 
has been entered. 

Response to Arguments 

4. Applicant's arguments with respect to amended claims 1-36 have been 
considered but are moot in view of the new ground(s) of rejection. 



5. The following is a quotation of the first paragraph of 35 U.S.C. 1 12: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 



Claim Rejections - 35 USC §112 
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6. Claims 1-36 are rejected under 35 U.S.C. 112, first paragraph, as failing to 
comply with the written description requirement. The claim(s) contains subject matter 
which was not described in the specification in such a way as to reasonably convey to 
one skilled in the relevant art that the inventor(s), at the time the application was filed, 
had possession of the claimed invention. As per claims 1 and 24, the limitations "using 
a first private-public signature key pair to issue a pseudonym to a user; said user using 
said pseudonym and the first private signature key to obtain a receipt from an issuer, 
wherein said receipt is electronically signed by the issuer using the first public signature 
key ..." are not described in the specification. The specification only describes 
embodiments wherein the receipt is electronically signed by the issuer using a public 
signature key assigned to the issuer, which is a separate public signature key then the 
first public signature key. (Specification, pg. 7, lines 14-18; figures 2-5, "SIG_TS") As 
per claims 6 and 25, the limitations "receiving a message from a sender using a 
pseudonym, wherein said pseudonym is issued using a first private-public signature key 
pair, and said message is electronically signed by said sender using the first private 
signature key owned by said sender ... electronically signing said receipt with the first 
public signature key assigned to an issuer issuing said receipt" are not described in the 
specification. The specification only describes embodiments wherein the receipt is 
signed using a public signature key assigned to the issuer, which is a key separate from 
the first private signature key owned by the sender, ibid. As per claims 13 and 26, the 
limitations "a user using a pseudonym to create a first message including a transaction 
request and a reference to a designated owner of a receipt to be generated in response 
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to receiving said message, wherein said pseudonym is issued using a first private public 
signature key pair ... sending said first message to a first addressee; and receiving said 
receipt from said first addressee, said receipt being electronically signed by said first 
addressee having given said receipt using the first private signature key assigned to 
said first addressee ..." are not disclosed in the Specification. The specification only 
describes embodiments wherein a public signature key assigned to the first addressee 
is used to sign the receipt, which is a key separate from the first private signature key of 
the user. 

Claim Rejections - 35 USC § 103 

7. Claims 6-11, 13, 17, 19-22, 25-28, 31, 32, 34 and 35 are rejected under 35 
U.S.C. 102(e) as being unpatentable over Lewis et al. U.S. Patent No. 6,233,565 
(hereinafter Lewis) in view of Ellison et al. USPN 6,976,162 (hereinafter Ellison) and 
Brand USPN 5,604,805 (hereinafter Brand). 

8. As per claim 6, Lewis discloses a receipt generation method, comprising 
generating an electronic receipt in a communication system providing a public key 
encryption system, including the steps of: 

a. receiving a message from a sender, the message is electronically signed 
by the sender using a private signature key owned by the sender, whereby the 
message includes a transaction request and a reference to a designated owner 
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of a receipt to be generated (Lewis, col. 4:20-27; cols. 7 and 8 t TABLE 1 , 
"Transaction Type"); 

b. authenticating the message using a public signature verification key 
associated to the private signature key held by the sender of the message 
(Lewis, 4:24-27; cols. 7 and 8: TABLE 1 under "Transaction Type": 
"authentication client 2n to server", under "Transaction Server 190" and "Master 
Server 300"); 

c. issuing a receipt including the reference to the designated owner of the 
receipt and details for what the receipt has been given to provide the designated 
owner with the receipt (Lewis, 4:32-38); and 

d. electronically signing the receipt with the public signature key assigned to 
an issuer issuing the receipt (Lewis, 4:41-44). 

9. Lewis does not teach using a pseudonym on the message from the sender, 
wherein the pseudonym is issued using a first private-public key pair, and the receipt 
enables the owner to verify ownership of the receipt while maintaining the owner 
anonymous or pseudonymous. Ellison discloses producing pseudonyms by generating 
a key pair and certifying the generated public key by a trusted center to withhold the 
identity of a user in transactions requiring the use of the pseudonym key to certify digital 
signatures of the user (Ellison, col. 3:8-13; 3:57-5:9). In the method of Lewis, the 
public/private keys used to sign and verify the signatures of the receipts are rendered 
anonymous using the anonymous keys as taught by Ellison. Therefore, it would be 
obvious to one of ordinary skill in the art at the time the invention was made to verify 
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ownership of the receipt while maintaining the anonymity of the owner of the receipt, 
since it is desirous to maintain the privacy of a user transferring certified information 
(Ellison, 1:65-2:1). 

10. Finally, Lewis does not disclose using a second private-public signature key pair 
different than the first private-public signature key pair to verify the ownership of the 
receipt. Brand discloses a cryptographic concept of using different pseudonyms at 
different organizations such that the pseudonyms are unlinkable. (col. 2:15-34) This 
concept as applied to the teachings of Lewis and Ellison suggest using different 
pseudonym key pairs for different types of transactions to ensure unlinkablity of the 
transaction between the user and the organization issuing the receipt, and the 
transaction between the user and the organization verifying the receipt. Therefore, it 
would be obvious to one of ordinary skill in the art at the time the invention was made to 
use a second private-public signature key pair different than the first private-public 
signature key pair to verify the ownership of the receipt, while maintaining the owner 
anonymous or pseudonymous. This would ensure better privacy for the user since the 
organization generating the receipt and the organization validating the ownership of the 
receipt are not able to collude to identify the owner of the receipt, Brand, ibid. The 
aforementioned cover the limitations of claim 6. 

11. As per claim 7, the rejection of claim 6 under 35 U.S.C. 1 03(a) is incorporated 
herein, (supra) In addition, the method further includes the steps of performing the 
requested transaction, and returning the receipt to the sender (Lewis, col. 4:32-33). 
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12. As per claims 8-1 0, the rejection of claim 6 under 35 U.S.C. 103(a) is 
incorporated herein, (supra) In addition, Ellison discloses using a pseudonym for 
communicating and using a pseudonym as a reference to a designated owner (Ellison, 
col. 1 :65-2: 1 ; Abstract). It would be obvious to one of ordinary skill in the art at the time 
the invention was made to use a pseudonym for communication and designating the 
owner with a pseudonym to be used as a reference to the owner since it is desirous to 
maintain the privacy of a user transferring certified information (Ellison, ibid). Further, 
an anonymous communication connection is necessarily required in a pseudonym 
protocol. The aforementioned cover the limitations of claims 8-10. 

13. As per claim 11, the rejection of claim 6 under 35 U.S.C. 103(a) is incorporated 
herein, (supra) In addition, the designated owner of the receipt is the sender (Lewis, 
col. 4:32-35). 

14. As per claim 13, the rejections of claims 7 and 11 under 35 U.S.C. 103(a) are 
incorporated herein. In addition, the method disclosed by Lewis is also a method of 
proving ownership of a receipt (holder of the digital receipt signed by both the owner 
and the issuer proves ownership of the receipt) including the steps of: 

e. a user using a pseudonym to create a first message including a 
transaction request and a reference to a designated owner of a receipt to be 
generated in response to receiving the message, wherein the pseudonym is 
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issued using a first private-public signature key pair (Lewis, col. 4:20-27; the 
sender of the transaction request is the designated owner of the receipt; Ellison, 
4:10-14); 

f. electronically signing the message using the first private signature key 
(Lewis, 4:24-25; cols. 7 and 8: TABLE 1 under "Transaction Type": 
"authentication client 2n to server"); 

g. sending the first message to a first addressee (Lewis, 4:20-27; first 
addressee is the transaction server; and 

h. receiving the receipt from the first addressee, the receipt being 
electronically signed by the first addressee having given the receipt using the first 
private signature key assigned to the first addressee, wherein the receipt 
includes information as for what the receipt has been issued and the reference to 
the designated owner of the receipt and thereby to enable the owner to verify 
ownership of the receipt while maintaining the owner anonymous or 
pseudonymous (Lewis, 4:32-43; Ellison, 3:8-13; 3:57-5:9). 

15. It would be obvious to one of ordinary skill in the art at the time the invention was 
made to maintain the anonymity of the owner, since it is desirous to maintain the privacy 
of a user transferring certified information (Ellison, col. 65-2:1). 

16. Moreover, it would be obvious to one of ordinary skill in the art at the time the 
invention was made to use a second private-public signature key pair different than the 
first private-public signature key pair to verify the ownership of the receipt, while 
maintaining the owner anonymous or pseudonymous. This would ensure better privacy 
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for the user since the organization generating the receipt and the organization validating 
the ownership of the receipt are not able to collude to identify the owner of the receipt, 
Brand, (2:15-34). The aforementioned cover the limitations of claim 13. 

17. As per claim 17, the rejection of claim 13 under 35 U.S.C. 103(a) is incorporated 
herein, (supra) In addition, the reference to the designated owner of the receipt is a 
pseudonym used by the owner of the receipt (Ellison, col. 3:8-13; 3:57-5:9). It would be 
obvious to one of ordinary skill in the art at the time the invention was made for the 
reference to the designated owner of the receipt to be a pseudonym used by the owner 
of the receipt, since it is desirous to maintain the privacy of a user transferring certified 
information (Ellison, col. 1:65-2:1). The aforementioned cover the limitation of claim 17. 

18. As per claim 19, the rejection of claim 13 under 35 U.S.C. 103(a) is incorporated 
herein, (supra) In addition, the designated owner of the receipt is identical to a sender 
sending the first message to the first addressee (Lewis, col. 4, 20-27; the sender of the 
transaction request is the designated owner of the receipt). 

19. As per claim 20, the rejections of claims 13 and 19 under 35 U.S.C. 103(a) are 
incorporated herein. In addition, the method further comprises creating a second 
message including the receipt; electronically signing the second message using a 
second private signature key; and sending the second message to the designated 
owner of the receipt (Lewis, col. 4:32-43). 
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20. As per claims 21 and 22, the rejection of claim 20 under 35 U.S.C. 103(a) is 
incorporated herein. In addition, Ellison discloses using pseudonyms to withhold the 
identity of a user in transactions requiring the use of certifying a signature, wherein the 
signature remains anonymous (col. 3:8-13; 3:57-5:9). It would be obvious to one of 
ordinary skill in the art at the time the invention was made wherein the sending and 
receiving of the first and second messages are performed by using a pseudonym, since 
it is desirous to maintain the privacy of a user transferring certified information (Ellison, 
1:65-2:1). Finally, an anonymous communication connection is necessarily required in 
a pseudonym protocol. The aforementioned cover the limitations of claims 21 and 22. 

21 . As per claims 25 and 26, they are apparatus claims corresponding to ciaims 6 
and 13, and they do not teach or define above the information claimed in claims 6 and 
13. Therefore, claims 25 and 26 are rejected as being unpatentable over Lewis in view 
of Ellison and Brand for the same reasons set forth in the rejections of claims 6 and 13. 

22. As per claims 27, 28, 31 and 32, the rejections of claims 6 and 13 under 35 
U.S.C. 103(a) are incorporated herein, (supra) In addition, means to perform the 
methods of claims 6 and 13 are embodied in a program of instructions executable by a 
machine (Lewis, Figure 2). 
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23. As per claims 34 and 35, the rejections of claims 6, 13, 25, 26, 27, 28, 31 and 32 
under 35 U.S.C. 103(a) are incorporated herein, (supra) In addition, means to affect the 
functions of the devices of claims 25 and 26 comprise computer readable program 
(Lewis, col. 2:10-14). 

24. Claims 1-5, 12, 14-16, 18, 23, 24, 30 and 33 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Lewis in view of Muftic U.S. Patent No. 5,850,442 
(hereinafter Muftic), Ellison and Brand. 

25. As per claim 1 , Lewis discloses a method comprising generating an electronic 
receipt in a communication system providing a public key encryption infrastructure, 
wherein a server generation module in response to an electronic payment transaction, 
generates a receipt and transmits the receipt, wherein the receipt comprises a client 
digital signature and a the server digital signature, and a data set uniquely identifying 
the executed transaction, and further wherein the receipt authenticates the electronic 
transaction (Lewis, col. 4:24-44). 

26. Lewis does not expressly teach how the electronic receipt is authenticated. 
Muftic teaches an ordinary means of authenticating a signed message by a sender of 
the message using a public key encryption infrastructure including the following steps: 

i. receiving a message from a sender, the message being electronically 
signed by the sender using a private signature key owned by the sender; the 
corresponding public key of the sender is provided within a digital certificate by a 
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trusted issuer and signed by the issuer having given the certificate, wherein the 
certificate includes details for the context of the certificate and a reference to the 
owner of the certificate (Muftic, col. 2:42-51; 3:35-52; 4:27-32; digital certificates 
in the standard X.509 define attributes including certificate context and key 
subscriber identity values); 

j. obtaining a public signature verification key on the basis of the reference 
to the owner of the certificate (digital certificates enables trusted retrieval of the 
public signature verification key); and 

k. examining whether or not the private signature key used for electronically 
signing the message is associated to the public signature verification key 
obtained on the basis of the reference to the owner of the certificate (Muftic, 
2:44-51). 

27. Although Muftic does not expressly teach submitting the certificate holding the 
public signature verification key and signed by the issuer with the original signed 
message; including the certificate with the signed message is a trivial combination since 
adequate verification of the signed message requires the signed certificate (see Muftic, 
3:30-33); moreover, the combination of disparate parts has been found to be an obvious 
feature. See In re Larson 144 USPQ 347 (CCPA 1965). Further, the digital certificate 
taught by Muftic is operatively equivalent to the electronic receipt: both maintain a 
record of an agreement/transaction between the owner and the issuer. Hence, it would 
be obvious to one of ordinary skill in the art at the time the invention was made given 
the invention of Lewis wherein the receipt is signed by both the owner of the receipt and 
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the issuer of the receipt, and the verification steps taught by Muftic, to verify the receipt 
according to the recited steps of applicant's claim 1, since it is desirous to 
cryptographically verify the receipt as being owned by the sender and issued by the 
issuer (Lewis, 4:36-38; Muftic, 2:10-14 and 3:47-49). 

28. Further, Lewis does not teach using a first private-public signature key pair to 
issue a pseudonym to a user, the user using the pseudonym and the first private 
signature key to obtain the receipt from the issuer, and verifying ownership of the 
receipt by maintaining the owner anonymous or pseudonymous. Ellison discloses 
creating user pseudonyms by generating a key pair and certifying the generated public 
key by a trusted center to withhold the identity of a user in transactions requiring the use 
of the pseudonym key to certify digital signatures of the user, (Ellison, col. 3:8-13; 3:57- 
5:9). In the method of Lewis, the keys used to sign and to verify the signatures of the 
receipts are rendered anonymous using the anonymous keys as taught by Ellison. 
Therefore, it would be obvious to one of ordinary skill in the art at the time the invention 
was made to use a first private-public signature key pair to issue a pseudonym to a 
user, the user using the pseudonym and the first private signature key to obtain the 
receipt from the issuer, and to verify ownership of the receipt while maintaining the 
anonymity of the owner of the receipt, since it is desirous to maintain the privacy of a 
user transferring certified information (Ellison, 1:65-2:1). 

29. Finally, Lewis does not disclose using a second private signature key different 
than the first private signature key and owned by the sender to verify the ownership of 
the receipt. Brand discloses a cryptographic concept of using different pseudonyms at 
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different organizations such that the pseudonyms are unlinkable. (col. 2:15-34) This 
concept as applied to the teachings of Lewis and Ellison suggest using different 
pseudonym key pairs for different types of transactions to ensure unlinkablity of the 
transaction between the user and the organization issuing the receipt, and the 
transaction between the user and the organization verifying the receipt. Therefore, it 
would be obvious to one of ordinary skill in the art at the time the invention was made to 
use a second private signature key different than the first private signature key and 
owned by the sender to verify the ownership of the receipt. This would ensure better 
privacy for the user since the organization generating the receipt and the organization 
validating the ownership of the receipt are not able to collude to identify the owner of the 
receipt, Brand, ibid. The aforementioned cover the limitations of claim 1 . 

30. As per claim 2, the rejection of claim 1 under 35 U.S.C. 103(a) is incorporated 
herein, (supra) In addition, the reference to the owner of the receipt is a public 
signature verification key associated to a private signature key held by the owner of the 
receipt (Muftic, col. 2:15-25). 

31 . As per claims 3 and 4, the rejection of claim 2 under 35 U.S.C. 1 03(a) is 
incorporated herein, (supra) In addition, the reference to the owner of the receipt is a 
pseudonym used by the owner of the receipt and a certificate securely links the 
pseudonym to the public signature verification key (Ellison, Abstract; Muftic, col. 2:15- 
25). It would be obvious to one of ordinary skill in the art at the time the invention was 
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made for the reference to the owner of the receipt to be a pseudonym used by the 
owner of the receipt and for a certificate to securely link the pseudonym to the public 
signature verification key, since it is desirous to maintain the privacy of a user 
transferring certified information (Ellison, 1:65-2:1). The aforementioned cover the 
limitations of claims 3 and 4. 

32. As per claim 5, the rejection of claim 1 under 35 U.S.C. 103(a) is incorporated 
herein, (supra) In addition, the method further comprises the step of authenticating the 
receipt using a public signature verification key assigned to the issuer of the receipt 
(Muftic, col. 3:51-52). 

33. As per claim 12, the rejections of claims 1 and 6 under 35 U.S.C. 103(a) are 
incorporated herein, (supra) In addition, the reference to a designated owner is a public 
signature key associated to a private signature verification key held by the designated 
.owner of the receipt (Muftic, col. 3:35-41). It would be obvious to one of ordinary skill in 
the art at the time the invention was made for the reference to a designated owner to be 
a public signature key associated to a private signature verification key held by the 
designated owner of the receipt, since it is desirous to identify and verify a cryptographic 
signature signed with the owner's private key (Muftic, 2:6-14 and 3:35-52). The 
aforementioned cover the limitations of claim 12. 
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34. Regarding claims 14 and 16, the rejections of claims 1 and 13 under 35 U.S.C. 
103(a) are incorporated herein, (supra) In addition, as argued in the rejection of claim 
1, verification of the receipt signed by both the sender and the issuer is an obvious step. 
Further, a mediating service distinct from the owner of the receipt necessarily verifies 
the ownership of a receipt. Finally, Muftic teaches verifying a signed message by 
decrypting the signed message and comparing the decrypted message with an original 
message for equality (Muftic, col. 2:41-51), which is functionally obvious over the step of 
comparing two electronic signatures for equality as recited in claim 16. 

35. As per claim 15, the rejection of claim 14 under 35 U.S.C. 103(a) is incorporated 
herein, (supra) Lewis does not expressly teach the first addressee is identical to the 
second addressee. However, it is notoriously well known for certification parties who 
issue certificates also verify the certificates. For example, trusted certification issuers 
such as VeriSign both issue certificates and verify issued certificates. Examiner takes 
Official Notice of this teaching. Therefore, it would be obvious to one of ordinary skill in 
the art at the time the invention was made for the first addressee to be identical to the 
second addressee since a single party may be best equipped to handle both roles as 
known to one of ordinary skill in the art. Furthermore, it is desirable for a server issuing 
a receipt to be able to validate the receipt, since a receipt acts as a record of services 
requested and paid for by the user. The aforementioned cover the limitations of claim 
15. 
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36. Regarding claim 18, the rejections of claims 12 and 13 under 35 U.S.C. 103(a) 
are incorporated herein, (supra) In addition, the reference to a designated owner is a 
public signature key associated to a private signature verification key held by the 
designated owner of the receipt (Muftic, col. 3:35-41). It would be obvious to one of 
ordinary skill in the art at the time the invention was made for the reference to a 
designated owner to be a public signature key associated to a private signature 
verification key held by the designated owner of the receipt, since it is desirous to 
identify and verify a cryptographic signature signed with the owner's private key (Muftic, 
2:6-14 and 3:35-52). The aforementioned cover the limitations of claim 18. 

37. As per claim 24, it is an apparatus claims corresponding to claim 1, and it does 
not teach or define above the information claimed in claim 1 . Therefore, claim 24 is 
rejected as being unpatentable over Lewis in view of Muftic, Ellison and Brand for the 
same reasons set forth in the rejection of claim 1 . 

38. As per claims 23 and 30, the rejections of claims 1 and 24 under 35 U.S.C. 
103(a) are incorporated herein, (supra) In addition, means to perform the method of 
claim 1 is embodied in a program of instructions executable by a machine (Lewis, 
Figure 2). 
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39. As per claim 33, the rejections of claims 1 , 23, 24 and 30 under 35 U.S.C. 103(a) 
are incorporated herein, (supra) In addition, means to affect the functions of the device 
of claim 24 comprise a computer readable program (Lewis, col. 2:10-14). 
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